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Response to the Office action of June 20, 2007 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

The Status of the Claims 

1 . (Original) A method to provide network traffic support and physical security support 
comprising: 

initializing a virtual machine monitor (VMM) in a processor system during a pre-boot 

phase; 

identifying at least one of a network traffic intrusion event and a physical security 
intrusion event with the VMM; and 

implementing at least one of a network traffic support and a physical security support in 
response to the at least one of the network traffic intrusion event and the physical security 
intrusion event. 

2. (Original) A method as defined in claim 1, wherein identifying the at least one of the 
network traffic intrusion event and the physical security intrusion event with the VMM 
comprises detecting at least one of a packet accessing a restricted port, a packet associated with a 
virus identifier, a SYN packet, and an alert standard format packet. 

3. (Previously presented) A method as defined in claim 1, wherein identifying the at least 
one of the network traffic intrusion event and the physical security intrusion event with the 
VMM comprises detecting opening of a chassis of the processor system via a chassis intrusion 
switch. 
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4. (Original) A method as defined in claim 1, wherein implementing the at least one of 
the network traffic support and the physical security support comprises discarding a packet 
associated with network traffic in response to identifying the network traffic intrusion event. 

5. (Original) A method as defined in claim 1, wherein implementing the at least one of 
the network traffic support and the physical security support comprises disabling the processor 
system in response to identifying the physical security intrusion event. 

6. (Original) A method as defined in claim 1, further comprising identifying a user 
authorization for the physical security intrusion event of the processor system. 

7. (Original) A method as defined in claim 1, wherein the processor system is associated 
with at least one of a private internal network and the Internet. 

8. (Original) A machine readable medium storing instructions, which when executed, 
cause a machine to: 

initialize a virtual machine monitor (VMM) in a processor system during a pre-boot 

phase; 

identify at least one of a network traffic intrusion event and a physical security intrusion 
event with the VMM; and 

implement at least one of a network traffic support and a physical security support in 
response to detecting the at least one of the network traffic intrusion event and the physical 
security intrusion event. 
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9. (Original) A machine readable medium as defined in claim 8, wherein the instructions 
cause the machine to identify the at least one of the network traffic intrusion event and the 
physical security intrusion event within the VMM by detecting at least one of a packet accessing 
a restricted port, a packet associated with a virus identifier, a SYN packet, and an alert standard 
format packet. 

10. (Original) A machine readable medium as defined in claim 8, wherein the instructions 
cause the machine to identify the at least one of the network traffic intrusion event and the 
physical security intrusion event within the VMM by detecting opening of a chassis of the 
processor system via a chassis intrusion switch. 

11. (Original) A machine readable medium as defined in claim 8, wherein the instructions 
cause the machine to implement the at least one of the network traffic support and the physical 
security support by discarding a packet associated with network traffic in response to identifying 
the network traffic intrusion event. 

12. (Original) A machine readable medium as defined in claim 8, wherein the instructions 
cause the machine to implement the at least one of the network traffic support and the physical 
security support by disabling the processor system in response to identifying the physical 
security intrusion event. 

13. (Original) A machine readable medium as defined in claim 8, wherein the processor 
system is associated with at least one of a private internal network and the Internet. 



Page 4 of 13 



U.S. Serial No. 10/685,882 

Response to the Office action of June 20, 2007 

14. (Original) A machine readable medium as defined in claim 8, wherein the machine 
readable medium comprises one of a programmable gate array, application specific integrated 
circuit, erasable programmable read only memory, read only memory, random access memory, 
magnetic media, and optical media. 

15. (Original) An apparatus to provide network traffic support and physical security 
support comprising: 

a data structure configured to store firmware of a processor system; and 
a virtual machine monitor initialized from the firmware during a pre-boot phase to 
identify at least one of a network traffic intrusion event and a physical security intrusion event, 
and to implement at least one of a network traffic support and a physical security support in 
response to detecting the at least one of the network traffic intrusion event and the physical 
security intrusion event. 

16. (Original) An apparatus as defined in claim 15, wherein the network traffic intrusion 
event comprises detection of at least one of a packet accessing a restricted port, a packet 
associated with a virus identifier, a SYN packet, and an alert standard format packet. 

17. (Original) An apparatus as defined in claim 15, wherein the physical security 
intrusion event comprises opening a chassis of the processor system. 

18. (Original) An apparatus as defined in claim 15, further comprising a chassis intrusion 
switch coupled to the VMM and configured to detect a physical security intrusion event of a 
chassis of the processor system. 
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19. (Original) An apparatus as defined in claim 15, wherein the VMM is configured to 
discard a packet associated with network traffic in response to identifying the network traffic 
intrusion event. 

20. (Original) An apparatus as defined in claim 15, wherein the VMM is configured to 
disable the processor system in response to identifying the physical security intrusion event. 

21. (Original) An apparatus as defined in claim 15, wherein the data structure comprises a 
flash memory. 

22. (Original) An apparatus as defined in claim 15, wherein the processor system is 
associated with at least one of a private internal network and the Internet. 

23. (Original) A processor system to provide network traffic support and physical 
security support comprising: 

a flash memory configured to store code associated with a virtual machine monitor 
(VMM) of the processor system; and 

a processor operatively coupled to the flash memory, the processor being programmed to 
initialize the VMM during a pre-boot phase, to identify at least one of a network traffic intrusion 
event and a physical security intrusion event with the VMM, and to implement at least one of a 
network traffic support and a physical security support in response to the at least one of the 
network traffic intrusion event and the physical security intrusion event. 
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24. (Original) A processor system as defined in claim 23, wherein the network traffic 
intrusion event comprises detection of at least one of a packet accessing a restricted port, a 
packet associated with a virus identifier, a SYN packet, and an alert standard format packet. 

25. (Original) A processor system as defined in claim 23, wherein the physical security 
intrusion event comprises opening a chassis of the processor system. 

26. (Original) A processor system as defined in claim 23, further comprising a chassis 
intrusion switch coupled to the processor and configured to detect a physical security intrusion 
event of a chassis of the processor system. 

27. (Original) A processor system as defined in claim 23, wherein the processor is 
programmed to discard a packet associated with network traffic in response to detecting the 
network traffic intrusion event. 

28. (Original) A processor system as defined in claim 23, wherein the processor is 
programmed to disable the processor system in response to detecting the physical security 
intrusion event. 

29. (Original) A processor system as defined in claim 23 is associated with at least one of 
a private internal network and the Internet. 

30. (New) A method as defined in claim 1, wherein the VMM continuously identifies the 
at least one network traffic intrusion and physical security intrusion event. 
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3 1 . (New) A method as defined in claim 1, wherein the VMM identifies both at least one 
of a network traffic intrusion event and at least one physical security intrusion event. 

32. (New) A method as defined in claim 1, further comprising initializing a plurality of 
virtual machines, wherein each of the plurality of virtual machines operates like a complete 
physical machine that can run its own operating system. 
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